Glitch sound bank: Difference between revisions
Jump to navigation
Jump to search
Content added Content deleted
| Line 8: | Line 8: | ||
==Sound bank arbitrary code execution== |
==Sound bank arbitrary code execution== |
||
{{main|Sound bank arbitrary code execution}} |
{{main|Sound bank arbitrary code execution}} |
||
Arbitrary code execution is possible in Pokémon Red and Blue with sound bank 0A. The code at 0A:58EA will run some instructions which corrupt the stack. F55B (D55B, stored PC item 17) will become the stack, so can be changed to somewhere easier such as 22 D3 (inventory item 3) using Water Stone x211 at PC item 17. As the stack was corrupted and the game will typically freeze, it may be more convenient to write to use arbitrary code execution to write to the save file (SRAM) rather than only writing to RAM. This can be done by calling 1C:778C (SaveSAVtoSRAM0) without the complications of save file checksums. |
Arbitrary code execution is possible in Pokémon Red and Blue with sound bank 0A. The code at 0A:58EA will run some instructions which corrupt the stack. F55B (D55B, stored PC item 17) will become the stack, so can be changed to somewhere easier such as 22 D3 (inventory item 3) using Water Stone x211 at PC item 17. As the stack was corrupted and the game will typically freeze, it may be more convenient to write to use arbitrary code execution to write to the save file (SRAM) rather than only writing to RAM. This can be done by modifying RAM which persists after saving and resetting, then calling 1C:778C (SaveSAVtoSRAM0) to save the game without the complications of save file checksums. |
||
{{YouTube|nO0nEoQgQlE|ChickasaurusGL}} |
{{YouTube|nO0nEoQgQlE|ChickasaurusGL}} |
||
[[Category:Glitch audio]] |
[[Category:Glitch audio]] |
||